'Safe Harbor': People in Europe 'can get quite litigious about this'

US cloud businesses face 'legislative buzzsaw'

Both small and large US data centre companies are walking "headlong into a legislative buzzsaw" following a landmark 'Safe Harbor' ruling this week, the founder of database software company NuoDB, Barry Morris, has said.

On Tuesday the European Court of Justice struck down the 15-year-old "Safe Harbor" pact, invalidating the sharing of data with the US on grounds it violated the privacy rights of Europeans by exposing them to allegedly indiscriminate surveillance by the US. The case was brought by Austrian privacy advocate Max Schrems [pictured].

"As of today [Wednesday] privacy laws are local to individual countries across Europe and companies are just not prepared for that," said Morris.

He said their lack of foresight into the move toward greater sovereignty of data will be "a costly mistake." He said: "Companies are either going to figure out it will limit their [growth] - or increase their legal costs."

Morris added that people in Europe "can get quite litigious about this" which will increase the risks and costs associated with doing business there.

He said the failure to foresee the shift in the legislative landscape is an issue that will affect both large and small operations alike.

"Even small companies are trying to run global business now. We have to deal with the fact that data has jurisdictional [implications]".

In June, NuoDB set up a working group on the issue of 'data residency' to try and navigate the data technology and policy minefield across Europe.

Deputy Commissioner David Smith, of the UK Information Commissioner's Office, said of the ruling earlier this week that businesses using Safe Harbor will need to review how they ensure that data transferred to the US is transferred in line with the law.